Which of the following should be considered FIRST prior to disposing of the electronic data?
An information security analyst is reviewing backup data sets as part of a project focused on eliminating archival data sets. Which of the following should be considered FIRST prior to disposing of the electronic data?
A. Sanitization policy
B. Data sovereignty
C. Encryption policy
D. Retention standards
Answer: D
Which of the following would BEST provide this solution?
Risk management wants IT to implement a solution that will permit an analyst to intercept, execute, and analyze potentially malicious files that are downloaded from the Internet. Which of the following would BEST provide this solution?
A. File fingerprinting
B. Decomposition of malware
C. Risk evaluation
D. Sandboxing
Answer: A
During a cyber incident, which of the following is the BEST course of action?
During a cyber incident, which of the following is the BEST course of action?
A. Switch to using a pre-approved, secure, third-party communication system.
B. Keep the entire company informed to ensure transparency and integrity during the incident.
C. Restrict customer communication until the severity of the breach is confirmed.
D...
Which of the following initial actions and tools would provide the BEST approach to determining what is happening?
Ann, a user, reports to the security team that her browser began redirecting her to random sites while using her Windows laptop. Ann further reports that the OS shows the C: drive is out of space despite having plenty of space recently. Ann claims she has not downloaded anything. The security...
Which of the following should be found within an organization's acceptable use policy?
Which of the following should be found within an organization's acceptable use policy?
A. Passwords must be eight characters in length and contain at least one special character.
B. Customer data must be handled properly, stored on company servers, and encrypted when possible.
C. Administrator accounts must be audited monthly,...
Which of the following software security best practices would prevent an attacker from being able to run arbitrary SQL commands within a web application? (Choose two.)
Which of the following software security best practices would prevent an attacker from being able to run arbitrary SQL commands within a web application? (Choose two.)
A. Parameterized queries
B. Session management
C. Input validation
D. Output encoding
E. Data protection
F. Authentication
Answer: A, C
Explanation:
Reference: https://www.ptsecurity.com/ww-en/analytics/knowledge-base/how-to-prevent-sql-injection-attacks/
During routine monitoring, a security analyst discovers several suspicious websites that are communicating with a local host.
During routine monitoring, a security analyst discovers several suspicious websites that are communicating with a local host. The analyst queries for IP 192.168.50.2 for a 24-hour period:
To further investigate, the analyst should request PCAP for SRC 192.168.50.2 and:
A. DST 138.10.2.5.
B. DST 138.10.25.5.
C. DST 172.10.3.5.
D. DST...
Which of the following malware analysis approaches is this?
A security analyst has a sample of malicious software and needs to know what the sample does. The analyst runs the sample in a carefully controlled and monitored virtual machine to observe the software behavior. Which of the following malware analysis approaches is this?
A. White box testing
B. Fuzzing
C...
Which of the following is the BEST place to acquire evidence to perform data carving?
During an investigation, a security analyst identified machines that are infected with malware the antivirus was unable to detect. Which of the following is the BEST place to acquire evidence to perform data carving?
A. The system memory
B. The hard drive
C. Network packets
D. The Windows Registry
Answer:...
Which of the following would BEST accomplish this goal?
A security team wants to make SaaS solutions accessible from only the corporate campus. Which of the following would BEST accomplish this goal?
A. Geofencing
B. IP restrictions
C. Reverse proxy
D. Single sign-on
Answer: A
Explanation:
Reference: https://bluedot.io/library/what-is-geofencing/